Anyone out there using a good netflow collector that has the capability data to export to CSV?
Open Source would be best, but any suggestions are welcome.
Thanks,
nfdump with custom output.
Custom output format: -o fmt:..
This is the most flexibel format, as you can specify yourself how the output
looks like. The output format is defined using element tags as well as plain
ascii text.
http://nfdump.sourceforge.net/
Everton
Always liked Luca Deri's set of solutions:
http://www.ntop.org/news.php (not necessarily for netflow, exclusiovely)
***Stefan Mititelu
http://twitter.com/netfortius
http://www.linkedin.com/in/netfortius
And to complement that:
- nfsen
- netflow dashboard
- pmGraph
The first one relies on nfdump, and offers a nice drill down web based analysis tool with the nifty feature that it shows the nfdump commands to be run on the cli to obtain the data output used to represent the current interval
Haven't tried the second one yet, but it uses postgresql to store samples. Might be easy to dump csv from that. Beware though of table growth.
Pmgraph is developed by aptivate.org and I'm sure Chris Wilson will have something good to say about it 
Sorry for no URLs, using big fingers on small Iphone.
If you want something scalable and commercial (read: with support) check out
these guys, I have been using it for a while and it has tons of features and
very flexible reporting (including exports to PDF, CSV, etc):
http://www.netflowauditor.com/
They have a free version as well with limits.
-Scott
If you want yours to come with rap videos look at scrutinizer (no I've
not ever used it)
http://www.youtube.com/watch?v=uUPkGvdXDIM
http://www.youtube.com/watch?v=ilxknbKJ0Pc
Mike Gatti wrote:
Anyone out there using a good netflow collector that has the capability data to export to CSV?
Open Source would be best, but any suggestions are welcome.
There are so many ways to do it. Once you capture the flow data and
store it in raw files, it's just a matter of filtering and converting
the data to whatever format you want. The flow-tools suite has
everything you'd need if you wanted to write some scripts of your own.
For example, flow-export takes a raw flow file as input and can output
in various formats, including ASCII CSV. See `man flow-tools` for more
information on flow-export and other useful flow tools.
That said, I'm using a variation of this setup, from Robert S. Galloway:
http://www.dynamicnetworks.us/netflow/
If you set it up as documented by Mr. Galloway, you'll end up with your
netflow data (IIRC, just networks, octets, and packets) organized into
various RRD files, depending on how you set up CUFlow.cf. For example,
one RRD file per customer. By default, flowscan will delete the raw
flow files after it parses them into RRDs. Optionally, you can retain
your raw flow files by creating a "saved" directory in your flows path
(see flowscan docs).
For visualization, I import the RRD files into Cacti. For CSV output I
wrote a perl script. It pulls data from the resulting RRD files,
computes the 95th percentile(s), among other things, and e-mails the
CSV(s) to the appropriate people at the appropriate times.
Like I said, though, there are so many ways to do it. The way you need
to do it will depend on what you're trying to get out of the netflow data.
Regards,
Michael Hertrick
Neovera, Inc.
We've ran Scrutizer and also Netflow Auditor (also a few others) ... they are ok for "smaller" traffic levels (depending of course on sampling rates). None of them held up though to our expectations and we ended up going with Arbor Peakflow and been extremely happy ever since.
I'd definitely suggest a trial of anything you are considering - we ran out and bought package after package and it didn't work out for us 
Paul
I have to agree. Scales very well, open source, more options than you are likely to ever use.
--Dave
The latest version of WANGuard Flow exports flows to Excel and CSV.
You can download a trial from http://www.andrisoft.com